Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/502a56-7e08-467f-802c-9d23b562118f/1/hp0CRbs_499OlQ2d59W4q8uhFZo.roa
File: hp0CRbs_499OlQ2d59W4q8uhFZo.roa (raw, json)
Hash identifier: p6Z6yjmNERu7aZ5sFhG7EFBIm40zsHzMvUTzm1XPNRA=
Subject key identifier: 86:9D:02:45:BB:3F:E3:DF:4E:95:0D:9D:E7:D5:B8:AB:CB:A1:15:9A
Certificate issuer: /CN=b7d4de6d626863478e95bce683a87f0aaf49b5d0
Certificate serial: 018D108E500B45A431779AAF55C96ACD0C83
Authority key identifier: B7:D4:DE:6D:62:68:63:47:8E:95:BC:E6:83:A8:7F:0A:AF:49:B5:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t9TebWJoY0eOlbzmg6h_Cq9JtdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/502a56-7e08-467f-802c-9d23b562118f/1/hp0CRbs_499OlQ2d59W4q8uhFZo.roa
Signing time: Tue 16 Jan 2024 04:36:18 +0000
ROA not before: Tue 16 Jan 2024 04:36:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215745
IP address blocks: 2a14:7580:b::/48 maxlen: 48
2a14:7580:beef::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:10:8e:50:0b:45:a4:31:77:9a:af:55:c9:6a:cd:0c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7d4de6d626863478e95bce683a87f0aaf49b5d0
Validity
Not Before: Jan 16 04:36:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869d0245bb3fe3df4e950d9de7d5b8abcba1159a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8c:c5:ba:b5:49:16:f2:e8:ba:a6:e2:7a:a9:
48:5a:82:72:0f:37:4c:5c:f4:f3:e0:d1:d0:28:0f:
9c:ac:e1:2f:2f:a9:64:11:a1:ff:66:6a:5f:a9:f4:
94:02:24:c4:f3:37:bf:41:b8:ee:6e:97:02:ae:27:
b9:f9:ae:e3:f4:f8:22:0c:7b:c7:9c:ea:32:ba:52:
45:42:c1:52:cc:e6:5c:08:62:48:6f:c5:f0:76:b8:
4d:df:3a:35:21:af:7b:c0:4c:22:ac:3e:17:1b:b7:
e3:6c:55:93:64:9a:f1:3e:b7:6a:ca:b8:45:ba:ab:
4f:0f:85:db:72:a9:34:77:c1:e1:7a:bf:c6:56:2e:
03:3c:13:60:7e:18:2f:a1:03:40:1d:ce:b5:c1:b1:
69:24:e2:fc:f5:91:15:89:18:be:9f:3b:f9:19:2b:
73:82:a2:5b:3c:dd:8d:6a:5e:f3:26:cc:59:d7:10:
04:a9:7e:df:f1:7d:e6:53:77:20:de:e4:2c:55:71:
a9:41:17:48:d6:5b:8a:e1:c0:4e:32:e9:ab:29:76:
f8:3d:85:b8:dd:db:3b:05:ee:08:5c:03:86:63:a8:
63:e8:74:f8:23:0f:8c:2f:88:4c:f2:7d:ea:4a:bc:
5f:2b:d7:66:0e:49:03:85:23:5e:98:e4:6a:ef:a7:
e6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9D:02:45:BB:3F:E3:DF:4E:95:0D:9D:E7:D5:B8:AB:CB:A1:15:9A
X509v3 Authority Key Identifier:
keyid:B7:D4:DE:6D:62:68:63:47:8E:95:BC:E6:83:A8:7F:0A:AF:49:B5:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t9TebWJoY0eOlbzmg6h_Cq9JtdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/502a56-7e08-467f-802c-9d23b562118f/1/hp0CRbs_499OlQ2d59W4q8uhFZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/502a56-7e08-467f-802c-9d23b562118f/1/t9TebWJoY0eOlbzmg6h_Cq9JtdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:b::/48
2a14:7580:beef::/48
Signature Algorithm: sha256WithRSAEncryption
4b:55:00:20:2c:d2:70:c5:9c:27:26:0e:8e:6f:61:70:6a:f1:
45:84:6b:27:60:1d:c4:e0:b0:3e:28:d7:9d:40:5d:2c:b0:56:
80:d9:15:3b:f8:36:48:d3:fe:e3:f1:70:41:5b:e2:56:f4:04:
59:ce:4c:3a:bd:00:a8:2d:27:d5:08:31:f0:3b:fa:c5:38:e0:
61:a9:76:43:e5:cc:53:e2:d3:91:de:aa:cb:78:16:ac:42:a6:
98:29:f8:2e:47:20:8f:ba:4e:22:80:fd:3d:22:8f:2b:cc:fe:
01:6a:a4:aa:86:92:43:02:41:63:e0:d1:29:32:01:a1:c2:66:
0e:40:8c:fc:fd:59:e0:47:bd:17:9f:47:09:98:32:59:ad:4b:
91:c6:01:d2:09:00:cf:55:15:b3:16:9b:8a:cf:fc:4c:7f:30:
dc:87:9d:1c:e7:9a:9b:b1:a0:3f:62:4c:1e:e8:69:96:24:43:
d4:01:44:22:1a:00:e6:41:b0:94:5f:90:5d:df:f6:80:77:22:
af:05:94:ce:c2:4e:cf:ca:84:83:4f:13:4a:53:c9:e1:d7:21:
ce:7f:5c:16:d0:36:89:bf:5d:c4:cf:2b:c5:5f:17:ff:2c:27:
b4:73:95:e8:06:cf:c0:b8:d5:10:63:5d:34:0b:32:4d:2d:67:
d7:35:ce:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0QjlALRaQxd5qvVclqzQyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZDRkZTZkNjI2ODYzNDc4ZTk1YmNlNjgzYTg3ZjBhYWY0
OWI1ZDAwHhcNMjQwMTE2MDQzNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlkMDI0NWJiM2ZlM2RmNGU5NTBkOWRlN2Q1YjhhYmNiYTExNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIzFurVJFvLouqbieqlIWoJyDzdM
XPTz4NHQKA+crOEvL6lkEaH/ZmpfqfSUAiTE8ze/QbjubpcCrie5+a7j9PgiDHvH
nOoyulJFQsFSzOZcCGJIb8XwdrhN3zo1Ia97wEwirD4XG7fjbFWTZJrxPrdqyrhF
uqtPD4Xbcqk0d8Hher/GVi4DPBNgfhgvoQNAHc61wbFpJOL89ZEViRi+nzv5GStz
gqJbPN2Nal7zJsxZ1xAEqX7f8X3mU3cg3uQsVXGpQRdI1luK4cBOMumrKXb4PYW4
3ds7Be4IXAOGY6hj6HT4Iw+ML4hM8n3qSrxfK9dmDkkDhSNemORq76fmjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIadAkW7P+PfTpUNnefVuKvLoRWaMB8GA1UdIwQY
MBaAFLfU3m1iaGNHjpW85oOofwqvSbXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDlUZWJXSm9ZMGVPbGJ6bWc2aF9DcTlKdGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81MDJhNTYtN2UwOC00NjdmLTgwMmMt
OWQyM2I1NjIxMThmLzEvaHAwQ1Jic180OTlPbFEyZDU5VzRxOHVoRlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81MDJhNTYtN2UwOC00NjdmLTgwMmMtOWQyM2I1NjIxMThm
LzEvdDlUZWJXSm9ZMGVPbGJ6bWc2aF9DcTlKdGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhR1gAAL
AwcAKhR1gL7vMA0GCSqGSIb3DQEBCwUAA4IBAQBLVQAgLNJwxZwnJg6Ob2FwavFF
hGsnYB3E4LA+KNedQF0ssFaA2RU7+DZI0/7j8XBBW+JW9ARZzkw6vQCoLSfVCDHw
O/rFOOBhqXZD5cxT4tOR3qrLeBasQqaYKfguRyCPuk4igP09Io8rzP4BaqSqhpJD
AkFj4NEpMgGhwmYOQIz8/VngR70Xn0cJmDJZrUuRxgHSCQDPVRWzFpuKz/xMfzDc
h50c55qbsaA/Ykwe6GmWJEPUAUQiGgDmQbCUX5Bd3/aAdyKvBZTOwk7PyoSDTxNK
U8nh1yHOf1wW0DaJv13EzyvFXxf/LCe0c5XoBs/AuNUQY100CzJNLWfXNc5o
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:18 2025 by rpki-client